Ten Principles of Microsoft Patch Management

All operating systems need to be updated. It's the nature of Man that no perfect software can be created. That's a fact that will never change. However, the difference between a good and responsible software company and one that throws its product against the wall and sees if it sticks is the level of diligence that company shows in discovering issues with its software and correcting those issues over time. In this area, Microsoft is clearly the thought and action leader, especially when it comes to security updates.

At first blush, it might seem that patch management is a "no-brainer". You just set up a WSUS server on your network and approve everything that comes down over the wire. The problem is that after the blush fades, the complexity of patch management becomes clearer. You have to think about how patches should be deployed in your environment with your unique requirements.

To help you organize your thoughts around a coherent patch management plan, Microsoft has come up with 10 principles of patch management:

Service packs should form the foundation of your patch management strategy

Make Product Support Lifecycle a key element in your strategy

Perform risk assessment using the Severity Rating System as a starting point

Contact Microsoft Product Support Services if you encounter problems in testing or deployment

Use only methods and information recommended for detection and deployment

10. The Security Bulletin is always authoritative

Microsoft takes patch management seriously. Unlike other software and hardware vendors who take security for granted because they haven't suffered the high-profile security issues that Microsoft has in the last decade and a half, Microsoft makes a significant investment in time, money and manpower to make sure its software is as secure as possible out of the box and during the entire lifecycle of that software. The Microsoft patch management system is just a piece of the overall solution, but a critically important one.


Deb Shinder

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.


TECHGENIX
